Our November chapter meeting is on Wednesday, November 7th, 2018 at 5:45PM. Please RSVP if you plan on attending!
Tales from the CSOC – APT Attack Survival
Abstract: Since early 2018, APT Leviathan (Fever Dream, TEMP.Periscope) has been conducting an ongoing wave of intrusions targeting engineering and maritime entities. This tale from the CSOC chronicles one such attack encounter. From the APT side of the story, we will explore how they achieved shell, conducted recon, gathered creds, moved laterally, established persistence and engaged their core target. From the CSOC side of the story, we will review how they were detected, pursued, and defeated in the last second cut-the-red-wire-before-detonation dramatic ending. We’ll conclude with lessons learned and recommendations.
Paul Speulstra has over 25 years of enterprise IT experience, is an accomplished cyber security specialist, software developer and IT manager. From the early days of the very first boot sector and macro viruses to today’s threats combating APTs, cyptomining and ransomware attacks, Paul has an extensive and diversified background in the IT security sphere. Currently serving as an incident responder in a Fortune 500 global cyber security operations center for the past 4 years, Paul has firsthand experience in the research, prevention, detection and remediation of current cyber security threats and malware. Paul also enjoys writing custom software security utilities to complement and enhance the defense-in-depth security posture at his workplace.
5:45-6:00PM Networking, dinner
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519